Configure app migration to Okta Personal

App migration allows users to move personal apps from their workforce accounts into their Okta Personal accounts. This feature ensures that users maintain access to their personal apps if they leave the company, and it helps you keep your org clear of non-work data. To prevent data leakage during the process, you can block specific email domains from migration.

You don't have to enable app migration to use Okta Personal for Workforce. Let users know that they can manually add personal apps to their Okta Personal dashboard and then remove them from the work dashboard.

Eligibility

Org-managed apps aren't eligible for migration. These include private apps and managed apps added by a user through self-service.

Personal apps are eligible for migration only if the user added them and signs in with a personal email address. If a user signs in to a personal app with their work email address (or one of the blocked email domains), that app can't migrate.

Before you begin

You must be a super admin or an org admin, or have customizations permissions.

Configure app migration

  1. In the Admin Console, go to CustomizationsOkta Personal.

  2. Click Edit in the App Migration section.

  3. Turn on the Allow end users to migrate apps toggle.

  4. Enter domains that you want to exclude from migration in the Set email domains to block from app migration section. The email domains that each employee uses to sign in to your Okta org are automatically blocked. If your employees can access work apps using multiple email domains, enter those here.

  5. Click Save.

Enabling this feature introduces a managed app called Okta Personal App Migration. Be sure that it uses the same authentication policy as your Okta Dashboard app. See Add apps to an authentication policy.

Monitor app migrations in your org

  1. In the Admin Console, go to ReportsSystem Log.

  2. Review the following logs:

    • personal.admin.configuration.update: Logged when the app migration feature is enabled or disabled within your organization

    • personal.user.app_migration.export: Logged when an end user migrates personal apps from their Workforce account into an Okta Personal account. This log includes the list of imported app names and app URLs to allow you to verify that only personal apps are being exported.

Related topics

Okta Personal for Workforce

Configure interface updates

Okta Personal for Workforce user experience